package com.wn.pettyloan.security.emp;

import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.AuthenticationException;
import org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter;
import org.springframework.security.web.util.matcher.AntPathRequestMatcher;

import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;

/**
 * @program: pettyloan
 * @ClassName EmpLoginFilter
 * @description:
 * @author: 韩旭
 * @create: 2022-12-15 14:31
 **/
public class EmpLoginFilter extends AbstractAuthenticationProcessingFilter {
    //定义过滤器拦截的请求映射
    private final static String matchUrl = "/emp/login";

    public EmpLoginFilter() {
        super(new AntPathRequestMatcher(matchUrl));
    }
    @Override
    public Authentication attemptAuthentication(HttpServletRequest request, HttpServletResponse response) throws AuthenticationException, IOException, ServletException {

        String tel = request.getParameter("empUacc");
        String password = request.getParameter("empPassword");
        System.out.println(tel);
        System.out.println(password);
        //初始化一个我们自定义的未经认证的Authentication对象
        UsernamePasswordAuthenticationToken authenticationToken = new UsernamePasswordAuthenticationToken(request.getParameter("empUacc"), request.getParameter("empPassword"));
        //调用所有的身份验证处理器循环进行验证，返回一个经过验证的Authentication对象
        return this.getAuthenticationManager().authenticate(authenticationToken);
    }

}